Surfing and Downloading
Surfing The average worker admits to spending nearly an hour a day, outside of lunch and breaks, surfing the Internet for personal reasons. Unfortunately, a 2007 BBC story stated that one in 10 Web pages out of 4.5 million scrutinized by Google contained malicious code that could infect a user's PC.For example, typing www.craiglist.com (instead of craigslist.com) used to redirect to the sexually explicit site www.4hardcore.com (although this redirect has since ceased to be successful). In addition to displaying inappropriate content for the workplace, porn sites are notorious for containing malware. Downloading free stuff Sure, if it is free and colorful, it is tempting to download. But the truth is spyware often comes hidden in free screen savers, videos and other tempting items to download. Even free spyware removal tools can come with spyware. When you download files and applications from unknown sources, you run the risk of getting unwanted extras. Which brings me to ... Consuming bandwidth Downloading images, swapping music files and streaming video consumes bandwidth. Peer-to-peer applications are notoriously bad because they open up multiple connections, taking more than their fair share of bandwidth. One person using BitTorrent for video can clog a DSL line and slow down the network to the point where critical business applications will become unusable. The bottom line is that even the most well-meaning employee can unintentionally and unknowingly compromise the network by opening the wrong e-mail, surfing the wrong Web sites and downloading the wrong screen saver. With all of the security threats out there, even the most mundane Internet task becomes a potential threat. Organizations need to protect their employees from Internet traps and provide multiple levels of defense including gateway security, desktop security, patch management, training, acceptable use policy, monitoring and backup just in case. It is this layered approach that best secures today's small and midsize business networks from others ... and themselves. Dirk Morris is the founder and CTO of Untangle, which incorporates more than 30 open-source projects into a single open-source network gateway platform to stop spam, spyware, viruses and more. He can be reached at email@example.com.
Every file, picture or link that seems legitimate (as is the case with phishing scams) could end up downloading some sort of malicious code from the Web. Sometimes legitimate sites are hacked and infected with malicious code; other times, minor intentional misspellings in the URLs for legitimate sites lead to malicious sites.